Design Reference
Table Of Contents
- Contents
- Chapter 1: Introduction
- Chapter 2: New in this release
- Chapter 3: Network design fundamentals
- Chapter 4: Hardware fundamentals and guidelines
- Chapter 5: Optical routing design
- Chapter 6: Platform redundancy
- Chapter 7: Link redundancy
- Chapter 8: Layer 2 loop prevention
- Chapter 9: Spanning tree
- Chapter 10: Layer 3 network design
- Chapter 11: SPBM design guidelines
- Chapter 12: IP multicast network design
- Multicast and VRF-lite
- Multicast and MultiLink Trunking considerations
- Multicast scalability design rules
- IP multicast address range restrictions
- Multicast MAC address mapping considerations
- Dynamic multicast configuration changes
- IGMPv3 backward compatibility
- IGMP Layer 2 Querier
- TTL in IP multicast packets
- Multicast MAC filtering
- Guidelines for multicast access policies
- Multicast for multimedia
- Chapter 13: System and network stability and security
- Chapter 14: QoS design guidelines
- Chapter 15: Layer 1, 2, and 3 design examples
- Chapter 16: Software scaling capabilities
- Chapter 17: Supported standards, RFCs, and MIBs
- Glossary
Figure 56: Firewall load balancing configuration
Use this configuration to redirect incoming and outgoing traffic to a group of firewalls and to
automatically load balance across multiple firewalls. The benefits of such a configuration are
• increased firewall performance
• reduced response time
• redundant firewalls ensure Internet access
Virtual private networks (VPN) replace the physical connection between the remote client and
access server with an encrypted tunnel over a public network. VPN technology employs IP
security (IPsec) and Secure Sockets Layer (SSL) services.
Several Avaya products support IPSec and SSL, including Avaya VPN Gateway and Secure
Router.
Additional information
The following organizations provide the most up-to-date information about network security
attacks and recommendations about good practices:
• The Center of Internet Security Expertise (CERT)
• The Research and Education Organization for Network Administrators and Security
Professionals (SANS)
• The Computer Security Institute (CSI)
System and network stability and security
128 Network Design Reference for Avaya VSP 4000 February 2014
Comments? infodev@avaya.com